Preemptive Protection against Microsoft Windows Animated Cursor Remote Code Execution Vulnerability (MS07-017)

Check Point Reference:	CPAI-2007-040
Date Published:
Severity:
Last Updated:
Source:	Microsoft Security Bulletin MS07-017
Industry Reference(s):	CVE-2007-0038
Protection Provided by:	VPN-1 NGX R65 NGX R62 NGX R61 NGX R60 NG with Application Intelligence R55W NG with Application Intelligence R55 VSX NGX InterSpect NGX 2.0 and 1.x
Who is Vulnerable? Microsoft Windows 2000 SP4 Microsoft Windows XP SP2 Microsoft Windows XP Professional x64 Edition Microsoft Windows XP Professional x64 Edition SP2 Microsoft Windows Server 2003 Microsoft Windows Server 2003 SP1 Microsoft Windows Server 2003 SP2 Microsoft Windows Server 2003 (Itanium) Microsoft Windows Server 2003 SP1 (Itanium) Microsoft Windows Server 2003 SP2 (Itanium) Microsoft Windows Server 2003 x64 Edition Microsoft Windows Server 2003 x64 Edition SP2 Windows Vista Windows Vista x64 Edition
Vulnerability Description A remote code execution vulnerability has been reported in the animated cursor code in Microsoft Windows. A remote attacker can exploit this vulnerability via a specially crafted ANI file. Animated cursors files (ANI) allow a series of frames to appear at the mouse pointer location instead of a single image (animated mouse pointer). Successful exploitation allows execution of arbitrary code on a vulnerable system.